Blogs

Events

Stories

Attention: RHN Hosted will reach the end of its service life on July 31, 2017.
Customers will be required to migrate existing systems to Red Hat Subscription Management prior to this date.
Learn more here

Details

Updated coolkey packages that fix a security issue and various bugs are nowavailable for Red Hat Enterprise Linux 5.

This update has been rated as having low security impact by the RedHat Security Response Team.

coolkey contains the driver support for the CoolKey and Common Access Card(CAC) Smart Card products. The CAC is used by the U.S. Government.

Steve Grubb discovered a flaw in the way coolkey created a temporarydirectory. A local attacker could perform a symlink attack and causearbitrary files to be overwritten. (CVE-2007-4129)

In addition, the updated packages contain fixes for the following bugs inthe CAC Smart Card support:

* CAC Smart Cards can have from 1 to 3 certificates. The coolkey driver,however, was not recognizing cards if they had less than 3 certificates.

* logging into a CAC Smart Card token with a new application would causeother, already authenticated, applications to lose their login statusunless the Smart Card was then removed from the reader and re-inserted.

All CAC users should upgrade to these updated packages, which resolve theseissues.

Solution

Before applying this update, make sure that all previously-releasederrata relevant to your system have been applied.

200295 - Coolkey does not support CAC cards with less than 3 certs200316 - Open apps loose the CAC card after a C_logout from another app.251774 - CVE-2007-4129 coolkey file and directory permission flaw